TXT legacy boot debug

Signed-off-by: Sergii Dmytruk <[email protected]>

.github/workflows/build.yml

@@ -4,7 +4,7 @@ on:
   push:
     branches:
       - 'intel-txt-aem*'
-      - 'xen-uefi'
+      - 'xen-uefi*'
     tags:
       - '*'
 

grub-core/loader/multiboot_mbi2.c

@@ -1270,6 +1270,8 @@ grub_multiboot2_perform_slaunch (grub_uint32_t mbi_target,
   dlinfo = grub_slr_next_entry_by_tag (slparams->slr_table_mem, NULL, GRUB_SLR_ENTRY_DL_INFO);
   dl_entry ((grub_uint64_t)(grub_addr_t) &dlinfo->bl_context);
 
+  grub_dprintf ("slaunch", "BROKEN dl_entry!");
+
   /* If this returns, something failed miserably */
   return GRUB_ERR_BAD_DEVICE;
 }

grub-core/loader/slaunch/txt.c

@@ -82,6 +82,17 @@ static grub_err_t
 enable_smx_mode (void)
 {
   grub_uint32_t caps;
+  grub_uint64_t feat_ctrl = grub_rdmsr (GRUB_MSR_X86_FEATURE_CONTROL);
+
+  if (!(feat_ctrl & GRUB_MSR_X86_FEATURE_CTRL_LOCK))
+    {
+      grub_dprintf ("slaunch", "Firmware didn't lock FEATURE_CONTROL MSR,"
+		    "locking it now\n");
+      /* Not setting SENTER_FUNCTIONS and SENTER_ENABLE because they were tested
+       * in grub_txt_verify_platform() */
+      feat_ctrl |= GRUB_MSR_X86_FEATURE_CTRL_LOCK | GRUB_MSR_X86_ENABLE_VMX_IN_SMX;
+      grub_wrmsr (GRUB_MSR_X86_FEATURE_CONTROL, feat_ctrl);
+    }
 
   /* Enable SMX mode. */
   grub_write_cr4 (grub_read_cr4 () | GRUB_CR4_X86_SMXE);
@@ -264,6 +275,12 @@ save_mtrrs (struct grub_slr_txt_mtrr_state *saved_bsp_mtrrs)
       saved_bsp_mtrrs->mtrr_pair[i].mtrr_physbase =
         grub_rdmsr (GRUB_MSR_X86_MTRR_PHYSBASE0 + i * 2);
     }
+  /* Zero unused array items. */
+  for ( ; i < GRUB_TXT_VARIABLE_MTRRS_LENGTH; ++i)
+    {
+      saved_bsp_mtrrs->mtrr_pair[i].mtrr_physmask = 0;
+      saved_bsp_mtrrs->mtrr_pair[i].mtrr_physbase = 0;
+    }
 }
 
 static void
@@ -491,7 +508,7 @@ grub_set_mtrrs_for_acmod (struct grub_txt_acm_header *hdr)
   /* Enable MTRRs */
   set_all_mtrrs (1);
 
-  /* Restore CR0 (cacheing) */
+  /* Restore CR0 (caching) */
   grub_write_control_register (GRUB_CR0, cr0);
 
   /* Restore CR4 (global pages) */
@@ -533,12 +550,14 @@ static void
 set_txt_info_ptr (struct grub_slaunch_params *slparams,
                   struct grub_txt_os_mle_data *os_mle_data)
 {
+  struct grub_slr_table *slr_table = slparams->slr_table_mem;
   struct grub_slr_entry_hdr *txt_info;
 
-  txt_info = grub_slr_next_entry_by_tag ((struct grub_slr_table *)(grub_addr_t)slparams->slr_table_base,
+  txt_info = grub_slr_next_entry_by_tag (slr_table,
                                          NULL,
                                          GRUB_SLR_ENTRY_INTEL_INFO);
-  os_mle_data->txt_info = (grub_addr_t)txt_info;
+  os_mle_data->txt_info = (grub_addr_t) slparams->slr_table_base
+      + ((grub_addr_t) txt_info - (grub_addr_t) slparams->slr_table_mem);
 }
 
 static grub_err_t
@@ -571,6 +590,20 @@ init_txt_heap (struct grub_slaunch_params *slparams, struct grub_txt_acm_header
   size = (grub_uint64_t *) ((grub_addr_t) os_mle_data - sizeof (grub_uint64_t));
   *size = sizeof (*os_mle_data) + sizeof (grub_uint64_t);
 
+  //if (slparams->slr_table_base == GRUB_SLAUNCH_STORE_IN_OS2MLE)
+  //  {
+  //    /* SLRT needs to be at least 4-byte aligned per specification. */
+  //    slparams->slr_table_base =
+  //        ALIGN_UP ((grub_addr_t) os_mle_data + sizeof (*os_mle_data), 4);
+
+  //    /* Recompute size including SLRT table in it. */
+  //    *size = (slparams->slr_table_base + slparams->slr_table_size)
+  //          - ((grub_addr_t) os_mle_data - sizeof (grub_uint64_t));
+
+  //    /* Size of heap sections should be a multiple of 8. */
+  //    *size = ALIGN_UP (*size, 8);
+  //  }
+
   grub_memset (os_mle_data, 0, sizeof (*os_mle_data));
 
   os_mle_data->version = GRUB_SL_OS_MLE_STRUCT_VERSION;
@@ -666,12 +699,11 @@ init_txt_heap (struct grub_slaunch_params *slparams, struct grub_txt_acm_header
 
   grub_dprintf ("slaunch", "SINIT capabilities 0x%08x\n", sinit_caps);
 
-  /* CBnT bits 5:4 must be 11b, since D/A mapping is the only one supported. */
-  os_sinit_data->capabilities = GRUB_TXT_CAPS_TPM_12_NO_LEGACY_PCR_USAGE |
-				GRUB_TXT_CAPS_TPM_12_AUTH_PCR_USAGE;
+  os_sinit_data->capabilities = GRUB_TXT_CAPS_TPM_12_AUTH_PCR_USAGE;
 
   if (grub_get_tpm_ver () == GRUB_TPM_20)
     {
+      /* CBnT bits 5:4 must be 11b, since D/A mapping is the only one supported. */
       if ((sinit_caps & os_sinit_data->capabilities) != os_sinit_data->capabilities)
         return grub_error (GRUB_ERR_BAD_ARGUMENT,
                            N_("Details/authorities PCR usage is not supported"));
@@ -975,8 +1007,10 @@ grub_txt_boot_prepare (struct grub_slaunch_params *slparams)
 
   err = init_txt_heap (slparams, sinit_base);
 
-  if (err != GRUB_ERR_NONE)
+  if (err != GRUB_ERR_NONE) {
+    grub_dprintf ("slaunch", "BROKEN init_txt_heap!");
     return err;
+  }
 
   /* Update the MLE header if it's part of the memory image . */
   mle_header = (struct grub_txt_mle_header *)(grub_addr_t) (slparams->mle_start + slparams->mle_header_offset);
@@ -985,6 +1019,10 @@ grub_txt_boot_prepare (struct grub_slaunch_params *slparams)
       mle_header->first_valid_page = 0;
       mle_header->mle_end = slparams->mle_size;
     }
+  else
+    {
+      grub_dprintf ("slaunch", "didn't update MLE header!");
+    }
 
   slparams->dce_base = (grub_uint32_t)(grub_addr_t) sinit_base;
   slparams->dce_size = sinit_base->size * 4;
@@ -1000,5 +1038,6 @@ grub_txt_boot_prepare (struct grub_slaunch_params *slparams)
 
   grub_tpm_relinquish_locality (0);
 
+  grub_dprintf ("slaunch", "all good in grub_txt_boot_prepare()!");
   return GRUB_ERR_NONE;
 }

include/grub/i386/msr.h

@@ -37,6 +37,7 @@
 #define GRUB_MSR_X86_ICR_DELIVER_EXCL_SELF (3<<18)
 
 #define GRUB_MSR_X86_FEATURE_CONTROL    0x0000003a
+#define GRUB_MSR_X86_FEATURE_CTRL_LOCK  (1<<0)
 #define GRUB_MSR_X86_ENABLE_VMX_IN_SMX  (1<<1)     /* Enable VMX inside SMX */
 #define GRUB_MSR_X86_SENTER_FUNCTIONS   (0x7f<<8)  /* Bitmap of SENTER function enables */
 #define GRUB_MSR_X86_SENTER_ENABLE      (1<<15)    /* SENTER global enable */